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Abstract. We introduce a multi-sorted stratified syllogistic, called ALQS , admitting variables of 
four sorts and a restricted form of quantification over variables of the first three sorts, and prove 
that it has a solvable satisfiability problem by showing that it enjoys a small model property. Then, 
we consider the fragments (ALQS R ) h of ALQS R , consisting of 4L<5<S' i? -formulae whose quantifier 
prefixes have length bounded by h > 2 and satisfying certain syntactic constraints, and prove that 
each of them has an NP-complete satisfiability problem. Finally we show that the modal logic K45 
can be expressed in (ALQS R ) 3 . 



1. Introduction 

Most of the decidability results in computable set theory concern one-sorted multi-level syllogistics, 
namely collections of formulae admitting variables of one sort only, which range over the von Neumann 
universe of sets (see El [TOj for a thorough account of the state-of-art until 2001). Only a few stratified 
syllogistics, where variables of different sorts are allowed, have been investigated, despite the fact that 
in many fields of computer science and mathematics often one has to deal with multi-sorted languages^ 



'The locutions 'multi-level syllogistic' and 'stratified syllogistic' were chosen by Jack Schwartz to name many decidable 
fragments of computable set theory because he saw them as generalizations of Aristotelian syllogistics. 



For instance, in modal logics, one has to consider entities of different types, namely worlds, formulae, 
and accessibility relations. 

In |[T3l an efficient decision procedure was presented for the satisfiability of the Two-Level Syllogistic 
language (2LS). 2LS has variables of two sorts and admits prepositional connectives together with the 
basic set-theoretic operators U, D, \, and the predicate symbols =, G, and C. Then, in (H, it was shown 
that the extension of 2LS with the singleton operator and the Cartesian product operator is decidable. 
Tarski's and Presburger's arithmetics extended with sets have been analyzed in [6]. Subsequently, in 
JH, a three-sorted language 3LSSPU (Three-Level Syllogistic with Singleton, Powerset and general 
Union) has been proved decidable. Recently, in [91], it was shown that the language 3LQS R (Three- 
Level Quantified Syllogistic with Restricted quantifiers) has a decidable satisfiability problem. 3LQS R 
admits variables of three sorts and a restricted form of quantification. Its vocabulary contains only the 
predicate symbols = and €. In spite of that, 3LQS R allows one to express several constructs of set 
theory. Among them, the most comprehensive one is the set-formation operator, which in turn enables 
one to express other operators like the powerset operator, the singleton operator, and so on. In O it 
is also shown that the modal logic S5 can be expressed in a fragment of 3LQS R , whose satisfiability 
problem is N P-complete. 

In this paper we present a decidability result for the satisfiability problem of the set-theoretic lan- 
guage 4LQS R (Four-Level Quantified Syllogistic with Restricted quantifiers). 4LQS R is an extension 
of 3LQS R admitting variables of four sorts and a restricted form of quantification over variables of the 
first three sorts. In addition to the predicate symbols = and €, its vocabulary contains also the pairing 
operator (-,-). 

We will prove that the theory 4LQS R enjoys a small model property by showing how one can extract, 
out of a given model satisfying a 4LQS R -formula if), another model of t\> but of bounded finite cardi- 
nality. The construction of the finite model extends the decision algorithm described in |9). Concerning 
complexity issues, we will show that the satisfiability problem for each of the fragments (4LQS R ) h of 
4LQS R , whose formulae are restricted to have their quantifier prefixes of length at most h > 2 and must 
satisfy certain additional syntactic constraints to be seen later, is N P-complete. 

In addition to the modal logic S5, already expressible in the language 3LQS R , it turns out that in 
4LQS R one can also formalize several properties of binary relations (needed to define accessibility rela- 
tions of well-known modal logics) and some Boolean operations over relations and the inverse operation 
over binary relations. We will also show that the modal logic K45 can be formalized in the fragment 
(4LQS R ) 3 . As is well-known, the satisfiability problem for K45 is NP-complete; thus our alternative 
decision procedure for K45 can be considered optimal in terms of its computational complexity. 

2. The language ALQS R 

Before defining the language 4LQS R of our interest, it is convenient to present the syntax and the se- 
mantics of a more general, unrestricted four-level quantified fragment, denoted 4LQS. Subsequently, we 
will introduce suitable restrictions over the formulae of 4LQS to characterize the sublanguage 4LQS R . 

2.1. The unrestricted language 4 L QS 

Syntax of 4LQS. The four-level quantified language 4LQS involves the four collections Vo, V\, V2, 
and V3 of variables. Each Vi contains variables of sort i, denoted by X 1 , Y l , Z l , . . .. When we refer to 



variables of sort we prefer to write x,y,z, . . . instead of X , Y , Z , In addition to the variables 

in V2, terms of sort 2 include also pair terms of the form (x, y), for x, y G Vo- 

ALQS quantifier-free atomic formulae are classified as: 

level 0: x = y, x G X 1 , for x, y G Vo, X 1 G Vi; 

level 1: X 1 = y 1 , X 1 £l 2 , forX 1 ^ 1 G Vi,X 2 6 V 2 ; 

level 2: T 2 = U 2 , T 2 G X 3 , where T 2 and f/ 2 are terms of sort 2 and X 3 G V 3 . 

4LQS purely universal formulae are classified as: 

level 1: (V^i) . . . (Vz n )92o, where <^o is any propositional combination of quantifier-free atomic formulae 
and Zx, . . . , z n are variables of sort 0; 

level 2: (^/Z\) . . . (yz^tpi, where 991 is any propositional combination of quantifier-free atomic for- 
mulae and of purely universal formulae of level 1, and Z\, . . . , Z^ G Vi; 

level 3: (VZ 2 ) . . . (\/Z 2 )ip2, where <p2 is any propositional combination of quantifier-free atomic formu- 
lae and of purely universal formulae of levels 1 and 2, and Z 2 , . . . , Z 2 G V2. 

Finally, the formulae of ALQS are all the propositional combinations of quantifier-free atomic formulae 
of levels 0, 1, 2, and of purely universal formulae of levels 1, 2, 3. 

Next we introduce some notions that will be useful in the rest of the paper. Let ip be a 4L<5S'-formula. 
We can assume, without loss of generality, that ip contains as propositional connectives only 'V', 
and 'A'. Further, let S v be the syntax tree for ip (see lfl2l for a precise definition), and let v be a node 
of Sp. We say that a 4LQS -formula ip occurs within <p> at position v if the subtree of S^ rooted at v is 
identical to S^. In this case we refer to v as an occurrence of ip in (p and to the path from the root of S v to 
v as its occurrence path. An occurrence of a 4LQ5'-formula ip within a 4LQ5'-formula ip is positive if its 
occurrence path deprived of its last node contains an even number of nodes labelled by a 4L<5<S'-formula 
of type -ix- Otherwise, the occurrence is said to be negative. 

Semantics of ALQS. A ALQS '-interpretation is a pair M. = (D,M), where D is any nonempty 
collection of objects, called the domain or universe of Ad, and M is an assignment over the variables of 
4LQS such that 

• Mx G D, for each x G Vo; 

• MX 1 G pow(£>), for each X 1 G Vr, 

• MX 2 G pow(pow (£>)), for each X 2 G V 2 ; 

• MX 3 G pow(pow(pow(D))), for each X 3 G V 3 | 

2 We recall that, for any set s, pow(s) denotes the powerset of s, i.e., the collection of all subsets of s. 



We assume that pair terms are interpreted d la Kuratowski, and therefore we put 



M(x,y)= D A{Mx},{Mx,My}}. 

The introduction of a pairing operator in the language turned out to be very useful in view of the ap- 
plications in Section |U Moreover, even if many pairing operations are available (see for instance Ifl4l0 . 
Kuratowski's style of encoding ordered pairs results to be quite simple, at least for our purposes. 
Let 

- Ai = (D, M) be a 4LQ5'-interpretation, 

- xx,...,x n e V , 

- X{,... ,X^ e Vi, 

- Xf, ... ,Xp G V2, 

- ui, ■ ■ ■ ,Un e D, 

- Ul,...,Ulepow(D), 

- Ul...,U* € pow(pow(D)). 

By M[xi/ui,...,x n /u n ,Xl/U},...,X^ n /U^ n ,Xf/Uf,...,Xp/Up], we denote the interpretation 
Ai' = (D, M') such that M' Xi = m, for i = 1, . . . , n, M'X) = Uj, for j = 1, . . . , m, M'X\ = U% , 
for A; = 1 , . . . , p, and which otherwise coincides with Ai on all remaining variables. Throughout the 
paper we use the abbreviations: M z for Ai[zi/u\, . . . , z n /u n ], M z for Ai\Z\j\j\, . . . , Z^/U^], 
and M z " for M[Zf/U?, Z^/U^}. 

Let f be a 4ZQ5-formula and let Ai = (D, M) be a 4Z<5-S'-interpretation. The notion of satisfia- 
bility of ip by Ai (denoted by Ai \= ip) is defined inductively over the structure of <p. Quantifier-free 
atomic formulae are interpreted in the standard way according to the usual meaning of the predicates '=' 
and '€', and purely universal formulae are evaluated as follows: 

1. Ai \= (Vzi) . . . (yz n )ip iff Ai[zi/ui, . . . , z n /u n ] \= ip , for all u±, . . . ,u n £ D; 

2. Ai |= (VZi) . . . (VZi>i mM[Z\/Ul. . . , Z^/UU h <pi, for all U\, . . . , XJ} n G pow(D); 

3. h (V^i 2 ) • • • (VZ p 2 V 2 iKM[Z*/U*, Z%/Uj] h ^2, for all [/?, . . . ,Up € pow(pow( J D)). 

Finally, evaluation of compound formulae follows the standard rules of propositional logic. If Ai \= p, 
i.e. Ai satisfies p, then Ai is said to be a ALQS -model for </?. A 4Z(3«5'-formula is said to be satisfiable 
if it has a 4LQ5'-model. A 4Z(5«5 , -formula is valid if it is satisfied by all 4Z(5«5 , -interpretations. 

2.2. Characterizing ALQS R 

ALQS R is the subcollection of the formulae ip of 4LQS for which the following restrictions hold. 



Restr. I. For every purely universal formula (V-Zj), . . . , (VZ^j^i of level 2 occurring in tp and every 
purely universal formula (Vzi) . . . (Vz n )<y9o of level 1 occurring negatively in ipi, ipo is a 
prepositional combination of level quantifier-free atomic formulae and the condition 

n m 
i=l,7=l 

is a valid 4L<2<S'-formula (in this case we say that the formula (Vzi) . . . (Vz n )ipo is linked to 
the variables Z\, . . . , Z^). 

Restr. II. For every purely universal formula (VZf), . . . , (VZp)<^2 of level 3 occurring in tp 

• every purely universal formula of level 1 occurring negatively in ip2 and not occurring 
in a purely universal formula of level 2, is only allowed to be of the form 

(Vzi) . . . (Vz n HAILi A"=ite, *j) = Y vj) • where Y ij e ^2, for i, j = 1, . . . , n; 

• purely univer sal formulae (VZj), . . . , (VZ^)^i of level 2 may occur only positively in 

Restriction His similar to the one described in |9|. In particular, following @, we recall that condition £T|) 
guarantees that if a given interpretation assigns to z\ , . . . , z n elements of the domain that make ip^ false, 
then such elements must be contained in the intersection of the sets assigned to Z\, . . . , Z^. This fact 
is needed in the proof of statement (ii) of Lemma 1331 to make sure that satisfiability is preserved in a 
suitable finite submodel (details, however, are not reported here and can be found in Q). 

Through several examples, in j9] it is argued that condition dH) is not particularly restrictive. Indeed, 
to establish whether a given 4L<3S'-formula is a 4I<5S' i? -formula, since condition (Q]) is a 2LS'-formula, 
its validity can be checked using the decision procedure in |fl~3l , as ALQS is a conservative extension of 
2LS. In addition, in many cases of interest, condition (Q]) is just an instance of the simple prepositional 
tautology -\(A — > B) — >• A, and thus its validity can be established just by inspection. 

Restriction H] has been introduced to be able to express binary relations and several operations on 
them while keeping simple, at the same time, the decision procedure presented in Section [3721 

Finally, we observe that though the semantics of 4LQS R plainly coincides with that of 4LQS, in 
what follows we prefer to refer to 4LQS'-interpretations of 4LQS' i? -formulae as ALQS R -interpretations. 

3. The satisfiability problem for 4L(5*5' i? -formulae 

We will solve the satisfiability problem for ALQS R , i.e. the problem of establishing for any given formula 
of 4LQS R whether it is satisfiable or not, as follows: 

(i) firstly, we will show how to reduce effectively the satisfiability problem for 4LQ5' i? -formulae to 
the satisfiability problem for normalized 4LQS R -conjunctions (these will be defined shortly); 

(ii) secondly, we will prove that the collection of normalized 4L<5<S' i? -conjunctions enjoys a small 
model property. 

From (0) and ©, the solvability of the satisfiability problem for 4LQS R follows immediately. Addi- 
tionally, by further elaborating on point ©, it could easily be shown that indeed the whole collection of 
4LC t )<5' R -formulae enjoys a small model property. 



3.1. Normalized ALQS -conjunctions 

Let ip be a formula of 4LQS R and let ipDNF be a disjunctive normal form of ip. Then ip is satisfiable if 
and only if at least one of the disjuncts of ipDNF is satisfiable. We recall that the disjuncts of ipDNF are 
conjunctions of literals, namely atomic formulae or their negation In view of the previous observations, 
without loss of generality, we can suppose that our formula ip is a conjunction of level 0, 1, 2 quantifier- 
free literals and of level 1,2,3 quantified literals. In addition, we can also assume that no variable occurs 
both bound and free in ip and that distinct occurrences of quantifiers bind distinct variables. 

For decidability purposes, negative quantified conjuncts occurring in ip can be eliminated as follows. 
Let Ad = (D, M) be a model for ip, and let ->(Vzi) . . . {Vz n )ipo be a negative quantified literal of level 1 
occurring in ip. Since Ad \= -i(Vzi) . . . (Vz n )<£o if and only if Ad[z\/u\, . . . , z n /u n ] \= -upo, for some 
Ui, . . . , u n 6 D, we can replace -i(Vzi) . . . Nz n )ipo in ip by -<(tpo) z ]''"' z .?, where z[, . . . , z' axe newly 
introduced variables of sort 0. Negative quantified literals of levels 2 and 3 can be dealt with much in the 
same way and hence, we can further assume that ip is a conjunction of literals of the following types: 

(1) quantifier-free literals of any level; 

(2) purely universal formulae of level 1 ; 

(3) purely universal formulae of level 2 and 3 satisfying Restrictions U and [TT] given in Section 12.21 
respectively. 

We call these formulae normalized 4LQS R -conjunctions. 

3.2. A small model property for normalized 4ZQS' K -conjunctions 

In view of the above reductions, we can limit ourselves to consider the satisfiability problem for nor- 
malized 4L<5S' fl -conjunctions only. Thus, let ip be a normalized 4Z(5<5 ,R -conjunction and assume that 
Ad = (D, M) is a model for ip. 

We show how to construct, out of the model Ad, a finite 4L<5<S ii -interpretation Ad* = (D* , M*) 
which is a model of ip sufficiently rich to reconstruct any possible counter-example to the formula and 
such that the size of D* depends solely on the size of ip. We will proceed as follows. First, in Section 
13.2.11 we outline a procedure for the construction of a nonempty finite universe D* C D. In Steps 1 
to 3 D* is provided with enough elements to properly interpret quantifier-free atomic formulae. Cases 
involving variables of levels 2 and 3 are treated in Step 2 by introducing an additional set of new variables, 
Vf . Finally, in Step 4 D* is further enriched to take care of purely universal formulae of level 2. Then 
we show how to relativize Ad to D* according to Definition 13 . 1 1 below, thus defining a finite ALQS R - 
interpretation Ad* = (D*, M*). Finally, we prove that Ad* satisfies ip. 

3.2.1. Construction of the universe D* 

Let us denote by Vq, V[, and V' 2 the collections of variables of sort 0, 1, and 2 occurring free in ip, 
respectively. We construct D* according to the following steps: 

Step 1: Let T = T\ U Tz, where 



3 Atomic formulae are quantified atomic formulae and purely universal formulae of any level. 



• T\ 'distinguishes' the set S = {MX 2 : X 2 G V 2 }, in the sense that K n J~\ 7^ K' n J 7 ! 
for every distinct K, K' G S*. Such a set J 7 ! can be constructed by the procedure Distinguish 
described in Q. As shown in Q, we can also assume that | F\ \ < \S\ — 1. 

• T2 satisfies \MX 2 fl T2 \ > min(3, \MX 2 |), for every X 2 G V 2 . Plainly, we can also assume 
that \F 2 \ < 3 • \V 2 \. 

Step 2: Let {F u . . . , F k } = T \ {MX 1 : X 1 G V[} and let Vf = {X{, . . . , X 1 } C Vi be such that 
Vf n Vj = and Vf n Vf = 0, where Vf is the collection of bound variables in ip. Let AT be 
the interpretation AtfXf/i 7 !, . . . , X^/i^]. Since the variables in V[ do not occur in ip (neither 
free nor bound), their evaluation is immaterial for ip and therefore, from now on, we identify A4 
and At. 

Step 3: Let A = Ai U A 2 , where 

• Ai distinguishes the set T = {MX 1 : X 1 G V[ U Vf } and | Ai | < \T\ - 1 holds (cf. Step 1 
above); 

• A 2 satisfies | J n A 2 | > min(3, | J|), for every J G {MX 1 : X 1 6 VjU Vf }. Plainly, we 
can assume that |A 2 | < 3 • \V[ U V[\. 

We initialize D* by putting 

D* := {Mx : x in V' } U A . 

(D* will possibly be enlarged during the subsequent Step 4.) 

Step 4: Let xi, • • • , Xr be all the purely universal formulae of level 2 occurring in if). To each conjunct 
Xi = (VZ}h ) • • • (^^ih )v 9 «> we associate the collection ipi kl , . . . , fc. of atomic formulae of 
the form (Vzi) . . . (Vz n )ipo present in the matrix of xu and call the variables Z\ h , . . . , Z\ h the 
arguments of <p i)kl ip i)ke . . 

Let us put 

$ =Def {Vi,*, : 1 < 3 < U and 1 < % < r}. 
Then, for each ip G $ of the form (Vzi) . . . (Vz„)(^o having Zj, . . . , as arguments, and for 
each ordered m-tuple (X^, . . . , ) of variables in V( U Vf , if M^q)^ ' '"' v-T = false we 

hi'""' h m 

insert in D* elements u\, . . . , u n G -D such that 

M[zi/«i, . . . , ^/UnKyo) v-i '***' -v-T = false , 

hi''"' h m 

otherwise we leave D* unchanged. 

Next, we calculate a bound to the size of D* . Since < \S\ - 1 < \V 2 \ - 1 and \F 2 \ < 3|V 2 | 
(cf. Step 1 above), we plainly have \F\ < 4|V 2 | — 1. Analogously, just after Step 3, we have |A| < 
4(| I + (4|V 2 | - 1)) - 1 and \D*\ < \V' \ + 4\V[\ + 16|V 2 | - 5. Finally, after Step 4, if we let L m 
denote the maximal length of the quantifier prefix of any purely universal formula of level 2 occurring in 



ip, and L n denote the maximal length of the quantifier prefix of ip = (Vzi) . . . (\/z n )ipo, with ip ranging 
in <£, then we have 



Thus, it turns out that, in general, the domain D* (of the small model) is exponential in the size of the 
input formula ip. 

3.2.2. Relativized interpretations 

We introduce now the notion of relativized interpretation, whose domain is the set D* constructed above, 
to define, out of the model M. = (D, M) of our normalized 4L(5«5' i? -conjunction ip, a finite interpreta- 
tion Ai* = (D*, M*) of bounded size, which also satisfies ip. 

Definition 3.1. Let M = (D, M), D*, V[ , Vf , and V 2 be as above, and let d* G D*. The relativized 
interpretation M* = Rel(M, D*, d*,V[,V[, V 2 ) of M with respect to D* , d* , V[, Vf , and V 2 is the 
4L(5S' i? -interpretation (D*,M*) such that 



I d* , otherwise , 

M*X 1 = MX 1 n D* , 

M*X 2 = ((MX 2 n pow(L>*)) \ {M*X l : X 1 G (V[ U Vf )}) 
U{M*X 1 : X 1 G (V[ U Vf ), MX 1 G MX 2 } , 

M*X 3 = ((MX 3 n pow(pow(L>*))) \ {M*X 2 : X 2 G V2}) 
\J{M*X 2 : X 2 G V' 2 , MX 2 G MX 3 } . 



Concerning M*X 2 and M*X 3 , we observe that they have been defined in such a way that all the mem- 
bership relations between variables of ip of sorts 2 and 3 are the same in both the interpretations and 
Ai*. This fact will be proved in the next section. 

For ease of notation, we will often omit the reference to the element d* G D* and write simply 
Rel(.M, D*, V[, Vf , V 2 ) in place of Rel(M, D*,d*,V[,V[, V' 2 ), when d* is clear from the context. 

The following useful properties are immediate consequences of the construction of D* , for any x, y G 



V , X^Y 1 G V(,andX 2 ,Y 2 G V 2 : 

(A) if MX 1 ^ MY 1 , then (MX 1 A MY 1 ) n D* / 00 

(B) if MX 2 j£ MY 2 , there is a J G (MX 2 L\MY 2 )C\{MX l : X 1 G (V(UV^)} such that JnD* ^ 0, 

(C) if M(x,y) ^ MX 2 , there is a J G (MX 2 A M(x,y)) n {MX 1 : X 1 G (V( U V^)} such that 
JnD* ^ 0, and if J G MX 2 , then J D D* ^ {Mx} and J D D* ^ {Mx, My}. 



D*\ < \V Q \ +4|V(| + 16|V£| + ((|V(| +4|V£| - l) Lm L„) |$| -5. 



M*x 




4 We recall that for any sets s and t, s At denotes the symmetric difference of s and of t, namely the set (s \ t) U (i \ s). 



3.3. Soundness of the relativization 

As above, let Ai = (D,M) be a 4Z(5«5' it -interpretation satisfying our given normalized ALQS R - 
conjunction ip, and let D*, V[, V[ , V 2 , and Ai* be denned as before. The main result of this section 
is Theorem 13.11 which states that if Ai satisfies ip, then Ai* satisfies ip as well. The proof of Theorem 
13.11 exploits the technical Lemmas |3. 11 13.21 13.31 13.4[ and |3.5| below. In particular, Lemma |3~T1 states that 
At satisfies a quantifier-free atomic formula ip, fulfilling conditions (fA]), (©, and (Q above, if and only 
if Ai* satisfies ip too. Lemmas 13.21 13.31 and 13.41 claim that suitably constructed variants of Ai* and 
the small models resulting by applying the construction of Section 13.21 to the corresponding variants of 
Ai can be considered identical. Finally, Lemma [331 which follows from Lemmas [3. 1113.211331 and 13.41 
states that Ai* satisfies all quantified conjuncts of ip which are satisfied by Ai. 

Lemma 3.1. The following statements hold: 

(a) Ai* \= x = y iff Ai \= x = y, for all x, y G V such that Mx, My G D*\ 

(b) Ai* \= x G X 1 iff Ai \= x G X 1 , for all X 1 G Vi and x G V such that Mx G D*; 

(c) Ai* \= X 1 = Y 1 iff Ai (= X 1 = Y 1 , for all X 1 , Y 1 G Vi such that condition © holds; 

(d) Ai* (= X 1 G X 2 iff Ai \= X 1 G X 2 , for all X 1 G (V( U V^), X 2 G V 2 ; 

(e) At* \= X 2 = Y 2 iff Ai\= X 2 = Y 2 , for all X 2 ,Y 2 G V 2 such that condition © holds; 

(f) Ai* \= (x, y) = X 2 iff Ai \= (x, y)=X 2 , for all x, y G V such that Mx, My G £>* and X 2 G V 2 
such that condition (Q holds; 

( g ) AI* h {x, y) e X 3 iff Ai \= {x, y) G X 3 , for all x, y G V such that Mx, My G I?* and X 2 G V 2 
such that condition (0 holds; 

(h) AI* |= X 2 G X 3 iff |= X 2 G X 3 , for all x, y G V such that Mx, My G D* and X 2 G V 2 
such that conditions ([B]) and © hold. 

Proof: 

(|a]> Let x,y G Vo be such that Mx,My G £>*. Then M*x = Mx and Af*y = My, so we have 
immediately that Ai* \= x = y iff Al|=x = 2/. 

© Let X 1 G Vi and let x G V be such that Mx G D*. Then Af*x = Mx, so that M*x G M*X X 
iff Mx G MX 1 n £>* iff Mx G MX 1 . 

© If MX 1 = MY 1 , then plainly M*X X = M*Y l . On the other hand, if MX 1 / MY 1 , then, by 
condition ©, (MX 1 A MY 1 ) n D* / and thus M*X 1 ^ M*Y 1 . 

© If MX 1 G MX 2 , then M*X X G M*X 2 . On the other hand, suppose by contradiction that 
MX 1 i MX 2 and M*X X G Af*X 2 . Then, there must necessarily be a Z l G (V[ U Vf ) 
such that MZ 1 G MX 2 , MZ 1 ^ MX 1 , and M*X X = M*Z X . Since MZ 1 ^ MX 1 and 
(MZ 1 A MX 1 ) nD*/0, by condition (©, we have M*X X ^ M*Z X , which is a contradiction. 



© If MX 2 = MY 2 , then M*X 2 = M*Y 2 . On the other hand, if MX 2 ^ MY 2 , by condition 
©, there is a J € (MX 2 A MY 2 ) n {MX 1 : X 1 G (V[ U Vf )} such that J fl D* ^ 0. Let 
J = MX 1 , for some X 1 G (Vj U Vf ), and suppose without loss of generality that MX 1 G MX 2 
and MX 1 £ MY 2 . Then, by ©, M*X : G M*X 2 and M*X X g M*Y 2 , and hence M*X 2 ^ 
M*Y 2 . 

© If Af (z, y) = MX 2 , then M*(x, y) = M*X 2 . If M(x, y) + MX 2 , then there is a J G (MX 2 A 
M (sc, y}) n {MX 1 : X 1 G (V[ U Vf )} satisfying the constraints of condition (0. Let J = MX 1 , 
for some X 1 G (V{UVf ), and suppose that MX 1 G MX 2 and MX 1 £ M(x, y). Then M*X 1 G 
M*X 2 and since M*X 1 ^ {Mx} and M*X X ^ {Mx, My}, it follows that M*X 1 <£ M*(x, y). 
On the other hand, if MX 1 G M{x,y) and MX 1 ^ MX 2 , then either MX 1 = {Mx} or 
MX 1 = {Mx, My}. In both cases MX 1 = M*X X and thus if MX 1 £ MX 2 , it plainly follows 
that M*X 1 <£ M*X 2 . 

(jg]) Let x,y G V and X 3 G V 3 be such that M(x,y) G MX 3 . Then M*(x,y) G M*X 3 . On the 
other hand, suppose by contradiction that M(x, y) £ MX 3 and M*(x, y) G M*X 3 . Then, there 
must be an X 2 G V£ such that M*X 2 G M*X 3 , M*X 2 = M*(x,y), and MX 2 / M(x,y). But 
this is impossible by ©. 

© If MX 2 G MX 3 then M*X 2 G M*X 3 . Now suppose by contradiction that MX 2 ^ MX 3 and 
that M*X 2 G M*X 3 . Then, either there is a F 2 G V 2 such that MX 2 ^ M7 2 and M*X 2 = 
M*Y 2 , which is impossible by (je]), or there is a (x, y), with x, y G Vo, Mx, My G £>*, such that 
MX 2 7^ M (x, y) and M*X 2 = M*(x, y), but this is absurd by ffl. 

□ 

In view of the next technical lemmas, we introduce the following notations. Let u±, . . . , u n G D* , 
U\, ...,U^e pow(D*), and V\, . . . , U 2 G pow(pow(D*)). Then we put 

M* z = M*[zi/ui,...,z n /u n ], 
M*> zl = M*[Zl/Ut,...,Zi/U} n }, 
M*' z " = M*[Zf/U 2 ,...,Z 2 /U 2 ], 

and also 

M z * = Rcl(M z ,D*,V[,V[,V' 2 ), 

M zl >* = R e \(M z \D*,V[u{Zl,...,Z^},V[,V 2 ), 
M z2 '* = Rel(M z2 ,D*,T*,V[,Vf,V 2 U{Z 2 ,...,Z 2 }). 

The next three lemmas claim that, under certain conditions, the following pairs of 4i<5S' R -interpretations 
M.* z and M. z '*, Ai*' Zl and M^'*, M.*' z2 and M 7,2 '* can be identified, respectively. 

Lemma 3.2. Let ui,...,u n G D*, and let z\, . . . , z n G Vo- Then, the 4L (^^-interpretations Ai* ,z 
and J^A Z '* coincide. 

Proof: 

The proof of the lemma is carried out by showing that A4*' z and Ad z '* agree over variables of all sorts. 



Let x G Vo- Since tti, . . . , u n G D* , the thesis follows immediately. 

Let X 1 G Vi, then M*> z X l = M*X 1 = MX 1 n D* = M Z X 1 n D* = M Z <*X 1 . 

Let X 2 G V2, then we have the following equalities: 

M *,z x 2 = M * X 2 = (( Mx * n pow(L>*)) \ {M*X X : X 1 G (V[ U Vf )}) 

U {M*X* : X 1 G (V( U Vf ), MX 1 G MX 2 } 

= ((M Z X 2 npow(£>*)) \ {M^X 1 : X 1 G (V| U Vf )}) 
U {M 2 '*! 1 : X 1 G (V[ U Vf ), AfX 1 G M Z X 2 } 

= M Z '*X 2 . 

Let X 3 G V3, then the following holds: 

M*' Z X 3 = M*X 3 = ({MX 3 npow(pow(D*))) \ {M*X 2 : X 2 G V 2 }) 

U {M*X 2 : X 2 G V 2 ,MX 2 G MX 3 } 

= ({M Z X 3 npow(pow(L>*))) \ {M*'*X 2 : X 2 G V 2 }) 
U {M Z '*X 2 : X 2 G V 2 , M Z X 2 G M Z X 3 } 

= M 2 '*X 3 . 



□ 



Lemma 3.3. Let Zj,...,Z^ G Vi \ (V( U Vf) and ITf , . . . , E#, G pow(L>*) \ {M*X* : X 1 G 
(Vj U Vf )}. Then, the 4LQS' i? -interpretations M*' Z± and .M^ 1 '* coincide. 

Proof: 

We prove the lemma by showing that and .M^ 1 '* agree over variables of all sorts. 

1. Clearly M*' Zl x = M*x = M z <*x, for all individual variables x G Vo- 

2. Let X 1 G Vi. If X 1 g {Zf . . . , Z^}, then 

M zl >*X a = M^X 1 nD* = MX 1 flD* = M*X X = M*' Zl X x . 
On the other hand, if X 1 = Zj for some j G {1, . . . , m}, we have 

M z± '*Zj = M zl Z| DD* = U}nD* = Uj = M*' z ' Z) . 

3. Let X 2 G V 2 . Then we have 

M*' Zl X 2 = M*X 2 = ((MX 2 n pow(.D*)) \ {M*X X : X 1 G (V( U Vf )}) 

U {M*X l : X 1 G (V( U Vf ), MX 1 G MX 2 } , (3) 

M z\* x 2 = (( M z^ x 2 n po W (£)*)) \ {M zl >*X x : X 1 G ((V( U Vf ) U {Zf . . . , Z l m })}) 
U{M Z "'*X l : X 1 G ((V( U Vf ) U {Z\, . . . , Z/j), M z " X 1 G M z " X 2 } 
= ((MX 2 n pow(D*)) \ ({M*X l : X 1 G (V( U Vf )} U : j = 1, . . . , m})) 
U({M*X X : X 1 G (Vj[ U Vf ), MX 1 G MX 2 } 

U({C7,- :j = l,...,m}nMX 2 )). (4) 



By putting 

P x = MX 2 n pow (£>*), 

P 2 = {M*X 1 : X 1 G (V( U Vf )}, 

^3 = \i\r-j 1 '"}• 

P 4 = {M*X X : X 1 € (V( U Vf ), MX 1 G MX 2 }, 
P 5 = {U J :j = l,...,m}nMX 2 , 

then by © and (0]) can be rewritten as 

M *,Z 1 X 2 = (p 1 \p 2 ) U P 4 (5) 
M Z\* X 2 = ( Pl \ (p 2 u P 3 )) U P 4 U P 5 • (6) 

Moreover, since, as can easily verified, we have 

P 2 nP 3 = 0, P 5 = PiDP 3 , and P 4 CP 2 , 

then 

(Pi\p 2 )up 4 = (Pi \ (P 2 u P 3 )) u P 4 u (Pa n P 3 ) 
= (Pi \ (P 2 u P 3 )) u P 4 u P 5 . 

Therefore, © and © readily imply M*' Zl X 2 = M Z ^*X 2 . 
4. Let X 3 G V 3 , then M*' Z ' 1 X 3 = M*\Z\jU\, Z^/U^X 3 = M*X 3 and 

M Z\* X 3 = ((M zl X 3 npow(pow(r/*))) \ {M zl '*X 2 : X 2 G V 2 }) 
U{M 2l '*X 2 : X 2 G V 2 ,M zl X 2 G M Z ' X 3 } 

= ((MX 3 n pow(pow (£>*))) \ {M*X 2 : X 2 G V 2 }) 
U{M*X 2 : X 2 G V 2 ,MX 2 G MX 3 } 

= M*X 3 . 

Since M*' Zl X 3 = M zl '*X 3 , the thesis follows. 

□ 

Lemma 3.4. Let Z 2 , . . . , Z 2 G V 2 \ V 2 and U 2 , . . . , U 2 G pow(pow(L>*)) \ {M*X 2 : X 2 G V 2 }. Then 
the 4L<55' R -interpretations .M*'^ 2 and .M^ 2 '* coincide. 

Proof: 

We show that M* ,z2 and M. z ' 2 '* coincide by proving that they agree over variables of all sorts. 

1. Plainly M*' z2 x = M*x = M z2 '*x, for every x G Vq. 

2. Let X 1 G Vi. Then M^'x 1 = M*X l = M z2 >*XK 



3. Let X 2 G V 2 such that X 2 <£ {Z 2 , . . . , Z 2 }. Then 



M *,z 2 x 2 = M*[zf/U?, Z 2 /U 2 ]X 2 = M*X 2 

and 

M Z\* X 2 = (( M Z 2 X 2 n pow(ir)) \ {M z2 >*X l : X 1 G (V[ U Vf )}) 
U{M z2 '*l' : X 1 G (V( U Vf^M^X 1 G M z2 X 2 } 

= ((MX 2 n poio(£>*)) \ {M*X 1 : X 1 G (V[ U Vf )}) 
UjAPX 1 : X 1 G (X U Vf ),MI 1 G MX 2 } 

= M*X 2 . 

Since M*' z2 X 2 = M z2 '*X 2 the thesis follows, at least in the case in which X 2 £ {Z 2 , Z 2 }. 
On the other hand, if X 2 G {Zf, Z 2 }, say X 2 = Z 2 , then M*' Z *X 2 = U 2 , and 

M z2 >*X 2 = ((M Z ' 2 X 2 n pow(L>*)) \ {M z2 '*X l : X 1 G (V[ U Vf )}) 
UjM^X 1 : X 1 G (V( U V[),M z2 X 1 G M z2 X 2 } 
= (C/ 2 \ {M*X 1 : X 1 G (Vi U Vf )}) 

U({M*X X : X 1 G (Vj U Vf ),MX 1 G £/ 2 }) 

= ^ 

Clearly the thesis follows also in this case. 

4. Let X 3 G V 3 . Then we have 

M *,Z 2 X 3 = M * X 3 = ((MX 3 npow(pow(L>*))) \ {M*X 2 : X 2 G V 2 }) 

U {M*X 2 : X 2 G V 2 , MX 2 G MX 3 } (7) 
M Z 2 ,* X 3 = (( M Z 2 X 3 n pow (pow(Zr))) \ {M Z "'*X 2 : X 2 G V 2 U {Z 2 , . . . , Z 2 }}) 

U {M z2 '*X 2 : X 2 G V 2 U {Z 2 , . . . , Z 2 }, M z ' 2 X 2 G M z2 X 3 } 
= ((MX 3 n pow(pow(D*))) \ ({M*X 2 : X 2 G V 2 } U {U 2 : j = 1, . . . ,p})) 
U {M*X 2 : X 2 G V 2 , MX 2 G AfX 3 } 

U({C/ 2 :j = l,...,rfnMI 3 ). (8) 



By putting 

Pi = MX 3 n pow(pow(D*)) , 

P 2 = {ATX 2 : X 2 G V 2 } , 

^3 = : j = l,...,p}, 

P 4 = {M*X 2 : X 2 G V 2 , MX 2 G MX 3 } , 

^5 = {U 2 :j = l,...,p}HMX 3 , 



then (O and (HJ can be respectively rewritten as 

M*' z2 X 3 = (Pi\P 2 )UP 4 (9) 
M z2 '*X 3 = (P 1 \ (P 2 U P 3 )) U P 4 U P 5 • (10) 

Moreover, it is easy to verify that the following relations hold: 

P 2 nP 3 = 0, P 5 = PinP 3 , and P 4 cp 2 , 

so that 

(Pi\p 2 )up 4 = (Pi \ (P 2 u P 3 )) u P 4 u (p n P 3 ) 

= (Pi \ (P 2 u P 3 )) u P 4 u P 5 . (11) 

Therefore, in view of © and £[0]> above, (HB yields M*' z2 X 3 = M z2 >*X 3 . 

□ 

The following lemma proves that satisfiability is preserved in the case of purely universal formulae. 

Lemma 3.5. Let (Vjsi) . . . (Vz„)^ , (VZ{) . . . (VZ^)^i, and (VZ?) . . . (VZ 2 )c^ 2 be conjuncts of ^. 
Then 

(i) if M |= (V*i) . . . (Vz„)(^ , then .M* |= (V*i) . . . (Vz„> ; 

(ii) if M \= (VZi) . . . (VZ m Vi, then .M* H (VZi) . . . (VZ m )^ i; 
(hi) if M h (VZ 2 ) . . . (VZ2)y> 2 , then Al* (= (VZ?) . . . (VZ 2 )^. 

Proof: 



(i) Assume by contradiction that there exist u±, .. . ,u n € D* such that Ai*' z Y= ip®. Then, there 
must be an atomic formula <p' in tpo that is interpreted differently in Ad* ,z and in Ad z . Recalling 
that ipo is a prepositional combination of quantifier-free atomic formulae of any level, let us first 
suppose that ip' is X 2 = Y 2 and, without loss of generality, assume that Ai*' z Y= X 2 = Y 2 . 
Then M*> Z X 2 / M*' Z Y 2 , so that, by Lemma|l2l M Z <*X 2 / AP'*Y 2 . Then, Lemma [3j] yields 
M Z X 2 ^ M z y 2 , a contradiction. The other cases are proved in an analogous way. 

(ii) This case can be proved much along the same lines as the proof of case (ii) of Lemma 4 in |9l. 
Here, one has to take care of the fact that ip\ may contain purely universal formulae of level 1 
occurring only positively in ip\ and not satisfying Restriction U of Section 12.21 This is handled 
similarly to case (i) of this lemma. Another issue that has to be considered is the fact that the 
collection of relevant variables of sort 1 for tp are not just the variables occurring free in ip, namely 
the ones in V{, but also the variables in Vf, introduced to denote the elements distinguishing the 
sets M*X 2 ,foxX 2 € V 2 . 



(iii) Assume, by way of contradiction, that Ad \= (VZf ) . . . (VZ%)tp 2 , but Ad* ^ (VZ^) . . . (VZ£)<p 2 . 
Hence there exist Uf,...,Up G pow(pow(D*)) such that Ad*' z2 ^ </? 2 - 

Without loss of generality, assume that Uf = M*Xf, for 1 < i < k and where Xf , . . . , X\ G V 2 , 
and that £/? ^ M*X 2 , for k + 1 < j < p and X 2 G V 2 , for some > 0. 

Let (f>2 be the formula obtained by simultaneously substituting Z 2 , . . . , Z| with X 2 , . . . , X| in </? 2 , 

and let M*' z * = M*[Z% +1 /U% +1 , . . . , Z 2 /[/ 2 ]. Further, let M z2 ' be a 4LQ ( S i? -interpretation 

differing from M z * only in the evaluation of Zj, ...,Z%, with M z2 ' Z\ = MXf, M z2 ' Z\ = 
MX\. 

We distinguish the following two cases: 

Case k = p: If k = p, then Ad* ,z2 and Ad* coincide and a contradiction can be obtained by 
showing that the implications 

m*> z2 y= ip 2 => m* y= (p 2 m y= f 2 => m z2 ' y= f 2 

hold, since these together with the fact that M*' z2 ty= f 2 would yield Ad ty= (VZ 2 ) . . . (VZ 2 )y? 2 , 
contradicting our initial hypothesis. The first implication, Ad* ,z2 (f2 => Ad* ^= (p 2 , is 
plainly derived from the definition of if 2- The second one, Ad* ^= if 2 => Ad ty= <f 2 , can 
be proved as follows. For every purely universal formula either of level 1 or of level 2, (f' 2 , 
occurring only positively in if 2, it follows that Ad* ty= <f 2 =>• Ad ^= if 2 by reasoning as in 
case (i) or in case (ii) of the present lemma, respectively. For each other atomic formula if' 2 
occurring in if 2 we have to show that Ad* and Ad evaluate tp 2 m me same manner. If if 2 is a 
quantifier-free atomic formula, the proof follows directly from Lemma lXTI If <f' 2 is an atomic 
formula of level 1, it can only be of type (Vzi) . . . (V2: n )-i(/\" J=1 (zj, Zj) = Y?), where 
is any variable in V 2 . Reasoning analogously to case (i) of the present lemma, it follows that 
Ad \= if 2 =4> Ad* \= if 2 - Next, let us prove that Ad* \= if' 2 => Ad \= (p 2 . Assume by 
contradiction that Ad ^ if' 2 . That is, Ad ^ (Vzi) . . . (Vz n )-.(/\™ i=1 (zi, Zj) = Yfy. Then, 
there are u\, . . . ,u n G D such that Ad[z\/ui, . . . , z n /u n ] \= Ai\=i 

{zi,Zj) = Y t j. By the 

construction in Section [3T2l all these U{S are in D* , MY^j = M*Y{j and thus we finally 
obtain that 

n 

M*£(V*i)...(Vz„H /\(z t ,z J ) = Y*), 
contradicting our hypothesis. 

Finally, Ad ^= if 2 => Ad 7,2 y= ip 2 , follows from the definition of if 2 and of Z 2 '. 

Case k < p: In this case, the schema of the proof is analogous to the one in the previous case. 
However, since Ad* ,z k and Ad* do not coincide, the single steps are carried out in a slightly 
different manner. Thus, for the sake of clarity we report below the details of the proof. 
In order to obtain a contradiction we prove that the following implications hold 



m*' z ' 2 y= f 2 m*' z2 y= if 2 =>• Ad z i y= q,2 => Ad 2,2 ' y= f 2 



The first implication, Ai*' Z \£ ip2 => At* ,Zk ty= p2, can be immediately deduced from 
the definition of p2 and of At*' k . The second implication, Ai* ,Zk ^ (p2 =>■ Ai Zk \£ P2, 
can be proved as shown next. If p 2 is a purely universal formula either of level 1 or of level 
2 occurring only positively in (pi, we have Ad*' Zk ^ (p' 2 and, since Ai*' Zk and A4 Zk '* 
coincide (by Lemma [3~4b . we obtain At Zh '* \/= <p' 2 . Then, reasoning as in case (i) (if p' 2 is of 
level 1) or in case (ii) (if p' 2 is of level 2) of the present lemma, it follows that Ai Zk y= p' 2 . If 
ip 2 is a quantifier-free atomic formula occurring in p2, we prove that <p' 2 in (pi is interpreted 
in Ai* ,z k and in Ai Zk in the same way, using Lemmas [3.41 and [37X1 
If p 2 is a purely universal formula of level 1 , it must have the form 

n 

(Vzi)...(V^)-.(/\ ( Zi , Zj )=YZ), 

where Y?j is any variable in Vi. In this case the proof is carried out as shown next. Rea- 
soning as in case (i), we have Ad Zk \= (p' 2 => At Zk> '* \= p 2 , and by Lemma [3741 that 
At*' z >° |= p 2 . Proceeding as in the first case of this item of the present lemma, we obtain 
that M z > \£ (Vzi) . . . (V^)-(A" i= i(^, Zj) = Y%) and, by Lemma[H that \f= 
(Vzi) . . . (V^ n )-i(/\" =1 (2j, Zj) = Y%), contradicting our hypothesis. 

Finally, the third implication, A\ z ' k Y= ^2 => Al z2 \£ ipi follows directly from the defini- 
tion of p2 and of Z 2 . 

□ 

We can now state and prove our main result. 

Theorem 3.1. Let Ai be a ALQS R -interpretation satisfying a normalized 4L(5«5' i? -conjunction ip. Then 
Ai* \= tp, where Ai* is the relativized interpretation of Ai with respect to a domain D* satisfying $2}. 

Proof: 

We only have to prove that Ai* \= tp', for each conjunct tp' occurring in ip. Each such ip' must be of one 
of the types (l)-(3) enumerated in Section l3~fl By applying either Lemma |3~T1 or Lemma [3751 to each tp' 
(according to its type) we obtain the thesis. □ 

From the above reduction and relativization steps, the following result follows easily: 

Corollary 3.1. The fragment ALQS R enjoys a small model property (and therefore it has a solvable 
satisfiability problem). 

4. Expressiveness of the language 4LQS R 

Much as shown in [9], the language 4LQS R can express a restricted variant of the set-formation operator, 
which in turn allows one to express other significant set operators such as binary union, intersection, set 
difference, the singleton operator, the powerset operator (over subsets of the universe only), etc. More 



specifically, atomic formulae of type X 1 = {X 1 1 : ip(X l )}, for i = 1,2,3, can be expressed in 
4LQS R by the formulae 

(VX* -1 )^- 1 G X 1 «-> ^(X*" 1 )) 

provided that the syntactic constraints of 4LQS R are satisfied. 

Since 4LQS R is a superlanguage of 3LQS R , the language 4LQS R can express the syllogistic 2L5 
(cf. |[T3l ) and the sublanguage 3LSSP of 3LSSPU not involving the set-theoretic construct of general 
union, since these are expressible in 3LQS R , as shown in We recall that 3LSSPU admits variables 
of three sorts and, besides the usual set-theoretical constructs, it involves the 'singleton set' operator {•}, 
the powerset operator pow, and the general union operator Un. 3LSSP can plainly be decided by the 
decision procedure presented in |5 ] for the whole fragment 3LSSPU. 

Among the other constructs of set theory which are expressible in the language 4LQS R (cf. 0), we 
cite: 

• literals of the form X 2 = pov/ <h (X 1 ), where pow <h (X 1 ) denotes the collection of subsets of X 1 
with less than h elements; 

• the unordered Cartesian product X 2 = X\ <g> . . . <SiX^, where X\ <g> . . . <8> X* denotes the collection 
{{xi, . . . ,x n } : x\ G Xf, ...,x n G X^}; 

• literals of the form A = pow*(X|, . . . , X^), where pow*(X|, . . . , X\) is the variant of the pow- 
erset introduced in which denotes the collection 

n 

{Z : Z C (J X} and Z n X} ^ 0, for aU 1 < i < n}, 

i=l 

For instance, a literal of the form X 2 = pow <h (X 1 ), with h > 2, can be expressed by the 4LQS R - 
formula 

(VY 1 ) ^y 1 G X 2 o ((Vz) (z G Y 1 -> z G X 1 ) A (Vzi) . . . (Vz ft ) f /\ z< G Y 1 -»• \/ z 4 = 
V V \i=l tj=l 

as can be easily verified. 
4.1. Other applications of 4LQS R 

Within the 4LQS R language it is also possible to define binary relations over elements of a domain 
together with several conditions on them which characterize accessibility relations of well-known modal 
logics. These formalizations are illustrated in Table Q] 

Usual Boolean operations over relations can be defined as shown in Table |2] The language 4LQS R 
allows one also to express the inverse X^ of a given binary relation X^ (namely, to express the literal 
X R 2 = (XrX 1 ) h y means of tne 4XQ5^-formula (Vzi, z 2 ) {{z u z 2 ) £ X 3 Ri O (z 2 , *i) G X|J. 

In the next section we will present an application of the decision procedure for 4L(55' K -formulae to 
modal logic. For this purpose we introduce below a family {(4LQS R ) h }h>2 of fragments of 4LQS R , 
each of which has an NP-complete satisfiability problem, and then show, in the next section, that 




Binary relation 


(VZ 2 )(Z 2 G X R <-> -,(Vz 1 ,z 2 )^{(z 1 ,z 2 ) = z 2 )) 


Reflexive 


(\fz 1 )((z 1 ,z 1 )GX 3 R ) 


Symmetric 


(Vz 1 ,z 2 )((z 1 ,z 2 ) G X% ->■ (2:2,21) G X|) 


Transitive 


(Vzi, z 2 , * 3 )(((*l, z 2 ) G X| A (z 2 , z 3 ) G X|) (zi, z 3 ) G 


Euclidean 


(Vzi,z 2 ,z 3 )(((zi,z 2 ) G X| A (01,2:3) G X|) (z 2 ,z 3 ) G 


Weakly-connected 


(Vzi, 2 , 2 3 )(((2 ; l,22) G ^ A (z u z 3 ) G X| ) 

-> ((z 2 , z 3 ) eX 3 R y Z2 = z 3 y {z 3 , z 2 ) g X R )) 


Irreflexive 




Intransitive 


(Vzi, Z 2 , z 3 )(««l, *2> G X| A (z 2 , z 3 ) G X| ) -> -.(zi, 2T 3 > G X^) 


Antisymmetric 


(Vzi, z 2 )(({zi, z 2 ) G X| A (2 2 , 21} G X%) -> (zi = 22)) 


Asymmetric 


(V«l,«2)(^l,«2> GX| -^((z^) £X3)) 



Table 1. ALQS formalization of conditions of accessibility relations 



Intersection 




(VZ 2 )(Z 2 (Z 2 G Xj^ A Z 2 G X| 2 )) 


Union 


4 = 4^4 


(VZ 2 )(Z 2 el|o (Z 2 G V Z 2 G x| 2 )) 


Complement 


A Ri - A iJ 2 


(VZ 2 )(z 2 e4^(2 2 e4 2 )) 


Set difference 


v3 v3 \ v3 

A R - A /?i \ A iJ 2 


(VZ 2 )(Z 2 G X| (Z 2 G X^ A -(Z 2 G X^))) 


Set inclusion 


*i c x R 2 


(VZ 2 )(Z 2 GX^^G^) 



Table 2. ALQS formalization of Boolean operations over relations 



the modal logic K45 can be formalized in (4LQS R ) 3 in a succint way, thus rediscovering the NP- 
completeness of the decision problem for K45 (cf. lfl31 ). 

Formulae in (ALQS R ) h must satisfy various syntactic constraints. First of all, all quantifier prefixes 
occurring in a formula in (4LQS R ) h must have their length bounded by the constant h. Thus, given 
a satisfiable (ALQS R ) h -formula tp and a 4LQ5' R -model M = (D, M) for it, from Theorem O it 
follows that tp is satisfied by the relativized interpretation M.* = (D*,M*) of Ai with respect to a 
domain D* whose size is bounded by the expression in (|2]). But since in this case L m < h and L n < h, 
where L rn and L n are defined as in Step 4 of the construction of D* (cf. Section 13-2- 1 b . it follows 
that the bound in © is quadratic in the size of tp. The remaining syntactic constraints on (ALQS R ) h - 
formulae will allow us to deduce that M*X 2 C pow <h (D*), for any free variable X 2 of sort 2 in tp, 
and M*X 3 C pow <ft (pow <fc (.D*)), for any free variable X 3 of sort 3 in ip, so that the model A4* 
can be guessed in nondeterministic polynomial time in the size of tp, and one can check in deterministic 
polynomial time that A4* actually satisfies tp, proving that the satisfiability problem for (ALQS R ) h - 
formulae is in NP. As the satisfiability problem SAT for prepositional logic can be readily reduced to 
that for ^LQS^^-formulae, the N P-completeness of the latter problem follows. 



Definition 4.1. ((4LQS R ) h -(ormulae) 

Let <p be a 4LQS R -formula involving the designated free variables X\j, X 2 <h , and X 3 <h (of sort 1, 2, 
and 3, respectively). Let X 2 , . . . , X 2 be the free variables of sort 2 occurring in 99, distinct from X 2 <h . 
Likewise, let Xf, . . . , X| be the free variables of sort 3 occurring in tp, distinct from X< h . Then cp is a 
(4LQ5' if ) /l -formula, with h > 2, if it has the form (up to the order of the conjuncts) 

$J A ? <h A £ h A V? A . . . A Vp A V? A . . . A ^ A X , 

where 

1. & = (yz)(zexb), 

i.e., Xjj is the (nonempty) universe of discourse; 

2. e <h = (vz 1 ) (z 1 g x 2 <h -> (Vzx) . . . (Vz fc ) (Ati * e z x -> ^ = *;)), 

X 2 h C pow <fc (X^) (together with formula 

3. = (VZ 2 )(z 2 6 X^ -> ((VZi)(Z* € Z 2 -> Z 1 G X 2 ,) 

a (vzf) . . . (vz*)( Atx z* € z 2 v!: ( ^ = ^))), 

/.e, X< fe C pow <?l (pow < / l (X^)) (together with formulae £~ and ^ 2 <h ); 

4. either z/>f = (VZ 1 )(Z 1 G X 2 ->■ Z 1 G X 2 J or V 2 = X? G X 3 <h , for i = 1, . . . ,p, 
so ?/za?, X 2 C pow <fc (X^), /or i = 1, . . . ,p (together with formulae £jj and £ 2 /J; 

5. ^ 3 = (VZ 2 )(Z 2 G X| -> Z 2 G X^), for j = 1, . . . , k, 

i.e., X? C pow <h (pow <h (Xu)), for j = l,...,k (together with formulae £ 2 h , and £? <h ); 

6. x is a propositional combination of 

(a) quantifier-free atomic formulae of any level, 

(b) purely universal formulae of level 1 of the form 

(Vzi) . . . (Vz n )v? , 

with n < h, 

(c) purely universal formulae of level 2 of the form 

(VZl) . . . (VZi)((Z 1 1 G X\ h A . . . A Z x m G X 2 <h ) ^) , 

where m < h and 931 is a propositional combination of quantifier-free atomic formulae and 
of purely universal formulae of level 1 satisfying (|6bl above, 

(d) purely universal formulae of level 3 of the form 

(VZ 2 ) . . . (VZ 2 )((Z 2 G X 3 <h A . . . A Z 2 G X^) cp 2 ) , 

where p < h and 922 is a propositional combination of quantifier-free atomic formulae, and 
of purely universal formulae of level 1 and of level 2 satisfying d6bl and d6cT > above. 



Having defined the fragments (ALQS ) , for h > 2, next we prove that each of them has an NP- 
complete satisfiability problem. 

Theorem 4.1. The satisfiability problem for (ALQS R ) h is NP-complete, for any h > 2. 
Proof: 

The satisfiability problem SAT for propositional logic can be readily reduced to the one for (ALQS R ) h - 
formulae, for any h > 2, as follows. Given a formula p £ SAT, we construct a quantifier-free 
{4LQS R ) h -formula ip p by replacing each propositional letter Pi in p by the quantifier-free formula 
Xi G X 1 , where X 1 is a fixed variable of sort 1 and the XjS are distinct variables of sort in a one- 
one correspondence with the distinct propositional letters in p. Plainly, p is propositionally satisfiable if 
and only if ip p is satisfiable by a 4LQS R -model. Therefore the NP-hardness of the satisfiability problem 
for (^QS^-formulae follows. 

To prove that our problem is in NP, we reason as follows. Let 

<P = tu* ?<h A e< ft A V^i 1 A . . . A ^ A V? A . . . A Vfc A x (12) 

be a satisfiable (^QS^^-formula, and let be a set of formulae constructed as follows. Initially, we 
put 

and then, we modify according to the following six rules, until no rule can be further applied!! 

Rl: if £ = — £i is in H v , then = (H v \ {£}) U {&}, 

R2: if £ = £i A £2 (resp., £ = -i(£i V £2)) is in iJ^ (i.e., £ is a conjunctive formula), then we put 
H v := (H v \ {£}) U {6,6} (resp., H v := (H v \ {£}) U {-£i,-£ 2 }), 

R3: if £ = £1 V £2 (resp., £ = -i(£i A £2)) is in -£^j (i-e., £ is a disjunctive formula), then we choose a £j, 
i € {1, 2}, such that H 9 U {6} (resp., H v U {->&}) is satisfiable and put H v := (H 9 \ {£}) U {£J 
(resp., H v := (H v \ {£}) U {-£}), 

R4: if £ = -n(V^i) . . . (Vz n )(p is in H^, then il v := (H v \ {£}) U {^(po)l{]Zfzl}> where zi, . . . , z„ 
are newly introduced variables of sort 0, 

R5: if £ = -.(VZi 1 ) . . . (VZ^>t is in H v , then ^ := (^\{£})U{-(^i)|i'-'|f}> where , . . . , 
are fresh variables of sort 1, 

R6: if £ = -(VZ 2 ) . . . (VZ 2 )^2 is in then ^ := (^\{£})U{-(^ 2 ) %^%}, where Z 2 , . . . , Z 2 
are newly introduced variables of sort 2. 

Plainly, the above construction terminates in C?(|y>|) steps and if we put tp = Afei? £, it turns out that 

(a) V is a satisfiable (4LQS' R ) /, '-formula, 

(b) H = 0(\<p\), and 

5 We recall that an implication A — > B has to be regarded as a shorthand for the disjunction -^A V B. 



(c) ip — > <~P is a va lid 4LQS -formula. 

In view of (a)-(c) above, to prove that our problem is in NP, it is enough to construct in nondeterministic 
polynomial time a 4L(5>5' R -interpretation and show that we can check in polynomial time that it actually 
satisfies ip. 

Let M. = (D, M) be a ALQS R -moAe\ for ip and let M* = (D*, M*) be the relativized interpreta- 
tion of M. with respect to a domain D* satisfying ©, hence such that \D*\ = 0(\ip\ h+1 ), since ip is a 
(4LQS' i? )' l -formula (cf. Theorem 13. H and the construction described in Sections l3.2.1l and l3.2.2l ). 

In view of the remarks just before Definition l4.il to complete our proof it is enough to check that 

• M*X 2 C pow <h (D*), for any free variable X 2 of sort 2 in ip (which entails that |M*X 2 | = 
0(\D*\ h )), 

• M*X 3 C pow <fe (pow <h (Z)*)), for any free variable X 3 of sort 3 in ip (which entails that 

\M*X 3 \ = 0(\D*\ h2 % and 

• A4* \= ip can be verified in deterministic polynomial time. 

To prove that M*X 2 C pow <h (D*), for any free variable X 2 in ip, we reason as follows. Let X 2 be 
a variable of sort 2 occurring free in ip. From Definition 13. II we recall that 

M*X 2 = {(MX 2 n pow(L>*)) \ {M* X 1 : X 1 £ (V[ U Vf )}) 

U{M*X X : X 1 € (V( U Vf ), MX 1 G MX 2 } . (13) 

Observe that 

MX 2 C pow <h (Z?). (14) 

Indeed, if the variable X 2 coincides with X 2 <h , then (fT4l follows from the fact that ip contains the con- 
junct £ 2 h . On the other hand, if X 2 is distinct from X 2 <h , then ^ contains either the conjunct (VZ 1 )(Z 1 € 
X 2 -> Z 1 G X 2 <h ) or the conjunct X 2 G X^. In the first case, (MZ l )(Z l G X 2 ->• Z 1 G X 2 ft ) to- 
gether with the conjunct £ 2 h , implies again (fT4l . From ( fT3l ) and (fT4l) . we get M*X 2 C pow <h (I?*). 
The other case is handled in a similar way. 

Checking that M*X 3 C pow <ft (pow <ft (Z)*)), for any free variable X 3 of sort 3 in ip, can be carried 
out much as was done for free variables of sort 2. 

From what we have shown so far, it follows that in nondeterministic polynomial time one can con- 
struct 

• the (4LQS R ) h -formula ip, as a result of applications of rules R1-R6 to the initial set H v (corre- 
sponding to the input formula tp) until saturation is reached, 

• the 4LgS' i? -interpretation M* = (D*,M*) (of ip). 

By the soundness of rules R1-R6, it follows that the 4LQS R -formula ip — > ip is valid. Thus, we obtain 
a succint certificate of the satisfiability of ip if we show that it is possible to check in polynomial time 
that A4* |= ip holds. This is equivalent to show that we can check in polynomial time that M* \= £;, for 
every conjunct £ of ip. We distinguish the following cases. 



£ is a quantifier-free atomic formula: Since all variables in £ are interpreted by Ai* with sets of poly- 
nomial size, the task of checking memberships and equalities among such sets can be performed 
in polynomial time. 

£ is a purely universal formula of level 1 (Vzj.) . . . (\/z n )po, with n < h: We have that Ai* |= 
(Vzi) . . . (Vz n )(po if and only if A\*\z\ju\, . . . , 2 n /u n ] |= 990, for every u\, . . . ,u n E D*. 
From the previous case, for any u\,...,u n E D*, one can compute in polynomial time whether 
Ai*[zi/u\, . . . , Zn/iLn] \= <fio- Since the collection of such n-tuples u-y, . . . , u n € -D* has poly- 
nomial size in \p\, it turns out that one can check that Ai* \= (Vzi) . . . (Vz n )<po in polynomial 
time. 

£ is a purely universal formula of level 2: If 

c=e<H = vz i )(z^ e ((v^) . . . (v Zfc )( A *i € z 1 ( y zi = *,)))) , 

in order to verify that At* |= £, it is enough to check that Ai*X 2 <h C pow </l (D*), which can be 
clearly done in polynomial time. 

If i = {MZ 1 )^ 1 E X 2 -> Z 1 E with X 2 a free variable of sort 2, then in order to verify 

that Ai* \= £ it is enough to check whether Ai*X 2 C Ai*X^, h , which again can be done in 
polynomial time. 

Finally, if £ = (VZf) . . . (VZ^)((Z 1 1 E X| h A . . . A E -> pi) where m < h 

and tpi is a propositional combination of quantifier-free atomic formulae and of purely univer- 
sal formulae of level 1 of the form (Vzi) . . . (\/z n )po, with n < h (cf. Definition 14.1 ll6cl) ) . then 
Ai* \= £ if and only if M*[Z\/U{, Z^/U^} (= ^1, for every C/J-, . . . , 17*, e M*X 2 <h . 
Again, the latter task can be accomplished in polynomial time, since, in view of the previous 
two cases Ai*[Z\/U\, . . . , Z^/U^] \= ip\ can be checked in polynomial time, for each m-tuple 
U\,..., E M*X 2 <h , and the number of such ?n-tuples is polynomial. 

£ is a purely universal formula of level 3: This case can be handled much along the same lines of the 
previous case. 

Summing up, we have shown that the satisfiability problem for (4LQS R ) h -formulae is in NP. This, 
together with its NP-hardness, which was shown before, implies the N P-completeness of our problem. 

□ 

In the next section we show how the fragment 4LQS R can be used to formalize the modal logic K45. 
4.2. Applying ALQS R to modal logic 

The modal language I_m is based on a countably infinite set of propositional letters V = {p\ , P2, . . .}, the 
classical propositional connectives 'A' , and 'V', the modal operators '0' (and the parentheses). 
Lm is the smallest set such that V C Ljy/, and such that if ip, tp E \-m, then -up, <p A ip, p V ip, Op, 
()p E L vf. Lower case letters like p denote elements of V and Greek letters like ip and ip represent 



formulae of Lm ■ Given a formula cp of Lm, we indicate with SubF(tp) the collection of the subformulae 
of cp. The modal depth of a formula cp is the maximum nesting depth of modalities occurring in (p. In the 
rest of the paper we also make use of the propositional connective '— >•' defined in terms of and 'V' 

as: cp — > tp = -193 V tp. 

A normal modal logic N is any subset of L m which contains all the tautologies and the axiom 

K : (px p 2 ) -> (D Pl -> Dp 2 ) , 
and which is closed with respect to the following rules: 
(Modus Ponens): if cp, tp — >■ tp G N, then tp G N, 
(Necessitation): if <yj G N, then Di^e N, 
(Substitution): if <p G N, then G N, 

where cp,tp E Lm, and the formula is the result of uniformly substituting in cp propositional letters 
with formulae (the reader may consult a text on modal logic like 121 for more details). 

A Kripke frame is a pair (W, R) such that W is a nonempty set of possible worlds and R is a binary 
relation on W called accessibility relation. If R(w, u) holds, we say that the world u is accessible from 
the world w. A Kripke model is a triple (W, R, h), where (W, R) is a Kripke frame and h is a function 
mapping propositional letters into subsets of W. Thus, h(p) is the set of all the worlds in which p is true. 

Let if = {W, R, h) be a Kripke model and let w be a world in if. Then, for every p G V and for 
every tp, tp G Lm, the satisfaction relation |= is defined as follows: 

• if , w \= p iff w G 

• K, w \= <p V tp iff If, to |= <p or iT, it? |= tp; 

• if, it? (= cp A tp iff if,u;|=(/9 and K,w \= tp; 

• K,w \= -<cp iff K,w Y= <P1 

• K,w \= Dcp iff K, w' \= cp, for every w' £ W such that (w, w') G -R; 

• K , it; (= 0^ iff there is aw' £ W such that (w, w') G and K, w' \= cp. 

A formula cp is said to be satisfied at to in K if if , to |= 93; is said to be valid in if (and we write 
if |= cp), if K,w \= cp, for every w G W. 

The smallest normal modal logic is K, which contains only the modal axiom K and whose accessi- 
bility relation R can be any binary relation. The other normal modal logics admit together with K other 
modal axioms drawn from the ones in Table [3] 

Translation of a normal modal logic into the 4LQS R language is based on the semantics of propo- 
sitional and modal operators. For any normal modal logic, the formalization of the semantics of modal 
operators depends on the axioms that characterize the logic. 

In the case of the logic K45, whose decision problem has been shown to be NP-complete in |[T5l . 
the modal formulae Dcp and 0</? can be expressed in the ALQS R language and thus the logic K45 can be 
entirely translated into the 4LQS R fragment. This is shown in what follows. 



Axiom 


Schema 


Condition on R (see Table Q]) 


T 


Dp — > p 


Reflexive 


5 


Op -> DOp 


Euclidean 


B 


p — > DOp 


Symmetric 


4 


Dp — > DDp 


Transitive 


D 


Dp -> Op 


Serial: (\/w)(3u)R(w, u) 



Table 3. Axioms of normal modal logics 



4.2.1. The logic K45 

The normal modal logic K45 is obtained from the logic K by adding to K the axioms 4 and 5 listed in 
Table[3] Semantics of the modal operators □ and for the logic K45 can be described as follows. Given 
a formula ip of K45 and a Kripke model K = (W, R, h), we put: 

• K \= Dip iff K,v \= ip, for every v G W s.t. there is a w' G W with (w',v) G R, 

• K \= Op iff K, v \= cp, for some v G W s.t. there is a w' G W with (w', v) G it!. 

This formulation allows one to express a formula ip of K45 into the ALQS R fragment. In order to sim- 
plify the definition of the translation function TK45 introduced below, we give the notion of the "empty 
formula", to be denoted by A, and which will not be interpreted in any particular way. The only require- 
ment on A needed for the definitions to be given below is that A A ip and ip A A must be regarded as 
syntactic variations of ip, for any 4LQ5 fi -formula ip. 

Intuitively, the translation function t«45 associates to each formula ip of K45 a 4LQS R -formula 
defining a variable X v of sort 1, which denotes the subset W v of W such that K, w (= <p if and only if 
w G Wtp, for every Kripke model K = (W, R, h). We proceed as follows. 

For every propositional letter p, let r^ 45 (p) = Xp, with A* G Vi, and let r^ 45 : K45 -»• 4ZQS R be 
the function defined recursively as follows: 

• T K45(P) = A ' 

• t&sHp) = (V*)(* e ^ o e A*)) a r^), 

• ^ 45 (</?i A P2) = (Vz)(z G A^ 1/V2 H(2€^A2€ A^)) A r^ 45 (<^i) A r^^), 

• ^ 45 (</?i V ¥> 2 ) = (Vz)(z G A^ iV¥ , 2 o (z G A^ V 2 G A^)) A r^ 45 (^i) A 4 45 (p 2 ), 

• 4 45 (DiP) = (Vz 1 )((-(Vz 2 )-((z 2 ,z 1 ) G A|)) -> 2l G X$ (Vz)(z G A^) 

A^HHV^H^, Zl ) G A| )) A -(Z! G A*,)) (Vz)-(z G A^) A r^), 

• T&sCOVO = -(V^i)-((-(Vz 2 )-((z 2 ,z 1 ) G A|)) A Zl G A*) (Vz)(z G A^) 

A(Vz 1 )(((Vz 2 )-((z 2 , Zl ) G X%)) V -n( Zl G X 1 ,))) (Vz)-(z G A* ) A r^), 



where A is the empty formula, X^, X* , X* lAv?2 , X^ Wipa , X^ , X* 2 G Vi, and X| G V 3 . 

Finally, for every ip in K45, if <p is a propositional letter in we put tk45(^>) = 7k45 (</?)> otherwise 
7x45(92) = T"K45(y)- Next, by means of the following formulae, we characterize a variable X^ of sort 3, 
intended to denote the accessibility relation R of the logic K45: 



• Xi = 


(Vz 1 )(Vz 2 )((z 1 ,z 2 )€X3 3 ), 




• X2 = 


(VZ 2 )((Z 2 G X| 3 ) ->. ((Z 2 G X| o -.(VzOCVza)-. 


«zi,z 2 > = ^)))), 


• X3 = 


(Vzi, z 2 , z 3 )(((z 1 ,z 2 ) G X| A (z 2 , z 3 ) G X^ ) -> (zi 




• X4 = 


(Vzi, z 2 , z 3 )({(zi, z 2 ) G X% A (zj, z 3 ) G X|) -> (z 2 




• # = 


(vz 2 )(z 2 e4 ^z 2 eiy. 





Correctness of the translation is stated by the following lemma. 

Lemma 4.1. For every formula ip of the logic r«45, ip is satisfiable in a model K = (W, R, h) if and 
only if there is a 4L<55' fi -interpretation satisfying x G X*. 

Proof: 

Let w be a world in W. We construct a 4LQ5 fi -interpretation Ai = (W, M) as follows: 

• Mx = w, 

• MXp = h(p), where p is a propositional letter and Xl = 7K45 (p), 

• Mtk45(V0 = true, for every subformula ip of 99, distinct from a propositional letter. 

To prove the lemma, it would be enough to show that K , w \= ip iff M \= x G X* However, it is more 
convenient to prove the following more general property: 

Given aw £W and a y G Vo such that My = w, we have 

K,w^<p iff M^yeX 1 ^. 

We proceed by structural induction on ip by considering for simplicity only the relevant cases in which 
(p = Hip and ip = §ip. 

• Let (p = Dip and assume that K,w \= Dip. Let v be a world of W such that (u,v) G R 
for some u G W, and let xi,x 2 G Vo be such that v = Mx\ and u = Mx 2 . We have that 
K,v \= tp and, by inductive hypothesis, M \= x\ G Xl. Since M |= r^sfp'i/')' th en N 
(Vzi)((-.(Vza)-.«Z2,«i) G Xl)) -> zi G Xj) -> (Vz)(z G X^,). Hence Mfo/w, z 2 /«, z/H |= 
((z 2 ,zi) G X| -> zi G X\) -> z G X^ and thus M |= ((x 2 ,xi) G X| ^ x x G Xj) -> 
y G iL. Since M |= (x 2 ,xi) G X^ — >■ xi G Xj, by modus ponens we have the thesis. The 
thesis follows also in the case in which there is no u such that (u, v) G X^. In fact, in that case 
M (= (x 2 , x\) G X|, -> xi G X3, holds for any x 2 G Vo- 

Consider next the case in which K, w Y= dtp. Then, there must be a v G W such that (u, v) G Xj^, 
for some u G W, and X, v Y= ip. Let xi, x 2 G Vo be such that Mxi = v and Mx 2 = u. Then, by 
inductive hypothesis, M y= x\ G XA. 



By definition of M, we have M \= ^(Vzi)^((^(Vz 2 )-.((z 2 , zi) G X|)) A -.(zi G XAj) -> 
(Vz)->(z € -X"™). By the above instantiations and by the hypotheses, we have that M \= 
(((x 2 ,x 1 ) G X|) A -.(an € X*)) -)> -.(j, G X^) and M |= ((x 2 ,x 1 ) € X|) A -.(a* G XA,). 
Thus, by modus ponens, we obtain the thesis. 

• Let 99 = 0^ and assume that K, w \= (}if). Then there are u, v 6 such that (u, v) £ R and 
X, t> |= V>- Let x±,X2 G Vo be such that Mx\ = v and Mx 2 = u. Then, by inductive hypothesis, 
M \= xi G X,},. Since M |= t K4 5«>?/>), it follows that M \= -. (Vzi )-■((-. (Vz 2 )->( (z 2 , zi) € 
Xfi)) A 01 G Xi) — > (Vz)(z € Xa.). By the hypotheses and the variable instantiations above it 
follows that M f= (((x 2 ,xi) G X%) A x\ G XAj Xi^, and M |= ((x 2 , xi) G X|) A xi G 

XA. Finally, by an application of modus ponens the thesis follows. 

On the other hand, if K,w then for every v G W, either there is no u G W such that 

(u, v) G R, or X, d Y 1 Let xi, x 2 G Vo be such that Mx\ = v and Mx 2 = u. If K,v ^= tp, by 
inductive hypothesis, we have that M y G XA. 

Since M |= (Vzi)(((Vz 2 H(z 2 , Zl ) G X|)) V -.(zi G XA,)) -> (Vz)-(z G X^), by the 
hypotheses and by the variable instantiations above we get M \= (-i((x 2 ,xi) G X^) V — i(a?i G 
-> G X^) and M |= H(x 2 ,xi) G X%) V -.(a* G XAJ). Finally, by modus ponens 
we infer the thesis. 

□ 

It can be easily verified that TK45(y) is polynomial in the size of tp and that its satisfiability can be 
checked in nondeterministic polynomial time since the formula 

Sw A £<3 A e< 3 A Vl A (Xl A X2 A X3 A X4 A Wv?)) 

belongs to (4L<5 < 5' fi ) 3 l^l Thus, the decision algorithm for ALQS R we have presented and the transla- 
tion function described above yield a nondeterministic polynomial decision procedure for testing the 
satisfiability of any formula ip of K45. 

5. Conclusions and future work 

We have presented a decidability result for the satisfiability problem for the fragment 4LQS R of multi- 
sorted stratified syllogistic embodying variables of four sorts and a restricted form of quantification. As 
the semantics of the modal formulae \3tp and Ov 9 i n tne modal logic K45 can be easily formalized in 
a fragment of 4LQS R , admitting a nondeterministic polynomial decision procedure, we obtained an 
alternative proof of the NP -completeness of K45. The results reported in the paper offer numerous hints 
of future work, some of which are discussed in what follows. 

Recently, we have analyzed several fragments of elementary set theory. It will be interesting to 
ameliorate existing techniques to verify in a formal way the truth of expressivity results that for the 
moment we have only conjectured. Moreover, we plan to find complexity results for the fragments 
3LQS R (cfr. (3) and ALQS R , and for some of their sublanguages like, for instance, the sublanguages of 
ALQS R characterized by the fact that quantifier prefixes have length bounded by a constant. According 



6 £,w is intended to characterize a nonempty set of possible worlds. 



to the construction of Section l3.2. 1 I smail models for formulae of these sublanguages have a finite domain 
D* that is polynomial in the size of the formula. However, their formulae are not subject to the syntactical 
constraints characterizing formulae of the (ALQS R ) h languages and allowing the satisfiability problem 
for the {ALQS R ) h fragments to be NP-complete. 

As we mentioned in the Introduction, stratified syllogistics have been studied less than one sorted 
multi-level ones. Thus, a comparison of the results obtained in this paper with the results regarding one 
sorted multi-level set theoretic decidability is in order. 

Formalizations of modal logics in set theory have already been provided within the framework of 
hyperset theory [T] and of weak set theories ifTTIl . without the extensionality and foundation axioms. 

We intend to continue our study, started with (3, concerning the limits and possibilities of expressing 
modal, and more generally, non-classical logics in the context of stratified syllogistics. Currently, in the 
case of modal logics characterized by a liberal accessibility relation like K, we are not able to translate 
the modal formulae Dtp and §<p in 4LQS R . We plan to verify if 4LQS R allows one to express modal 
logics with nesting of modal operators of bounded length. We also intend to investigate extensions of 
ALQS R which allow one to express suitably constrained occurrences of the composition operator on 
binary relations and of the set-theoretic operator of general union. We expect that these extensions will 
make it possible to express all the normal modal logic systems and several multi-modal logics. Finally, 
since within 4LQS R we are able to express Boolean operations on relations, we plan to investigate the 
possibility of translating fragments of Boolean modal logic and expressive description logics admitting 
boolean constructors over roles. 

References 

[1] J. Barwise and L. Moss. Vicious circles. Vol. 60 of CSLI Lecture notes. CSLI, Stanford, CA, 1996. 

[2] P. Blackburn, M. de Rijke, and Y. Venema. Modal Logic. Cambridge University Press, Cambridge Tracts in 
Theoretical Computer Science, 2001. 

[3] D. Cantone. Decision procedures for elementary sublanguages of set theory: X. Multilevel syllogistic ex- 
tended by the singleton and powerset operators. Journal of Automated Reasoning, volume 7, number 2, pages 
193-230, Kluwer Academic Publishers, Hingham, MA, USA, 1991. 

[4] D. Cantone and V. Cutello. A decidable fragment of the elementary theory of relations and some applications. 
In ISSAC '90: Proceedings of the International Symposium on Symbolic and Algebraic Computation, pages 
24-29, New York, NY, USA, 1990. ACM Press. 

[5] D. Cantone and V. Cutello. Decision procedures for stratified set-theoretic syllogistics. In Manuel Bronstein, 
editor, Proceedings of the 1993 International Symposium on Symbolic and Algebraic Computation, ISSAC'93 
(Kiev, Ukraine, July 6-8, 1993), pages 105-1 10, New York, 1993. ACM Press. 

[6] D. Cantone, V. Cutello, and J. T. Schwartz. Decision problems for Tarski and Presburger arithmetics extended 
with sets. In CSL '90: Proceedings of the 4th Workshop on Computer Science Logic, pages 95-109, London, 
UK, 1991. Springer- Verlag. 

[7] D. Cantone and A. Ferro Techniques of computable set theory with applications to proof verification. Comm. 
PureAppl. Math., pages 901-945, vol. XLVIII, 1995. Wiley. 

[8] D. Cantone, A. Ferro, and E. Omodeo. Computable set theory. Clarendon Press, New York, NY, USA, 1989. 



[9] D. Cantone and M. Nicolosi Asmundo. On the satisfiability problem for a 3-level quan- 
tified syllogistic with an application to modal logic. Submitted, 2012. Available at: 
http://www.dmi.unict.it/~nicolosi/3LQSRmodal.pdf 

[10] D. Cantone, E. Omodeo, and A. Policriti. Set Theory for Computing - From decision procedures to declarative 
programming with sets. Springer- Verlag, Texts and Monographs in Computer Science, 2001. 

[11] G. D'Agostino, A. Montanari, and A. Policriti. A set-theoretic translation method for polimodal logics. 
Journal of Automated Reasoning, 3(15): 317-337, 1995. 

[12] N. Dershowitz and J. P. Jouannaud. Rewrite Systems. Handbook of Theoretical Computer Science, Volume 
B: Formal Models and Sematics (B), 243-320, 1990. 

[13] A. Ferro and E.G. Omodeo. An efficient validity test for formulae in extensional two-level syllogistic. Le 
Matematiche, 33:130-137, 1978. 

[14] A. Formisano, E. Omodeo, and A. Policriti. Three-variable statements of set-pairing. Theoretical Computer 
Science, 322(1), 147-173, 2004. 

[15] R. Ladner. The computational complexity of provability in systems of modal propositional logic. SIAM 
Journal of Computing, 6: 467-480, 1977. 



